FINOS license scanning cleanup

dschwartz-ftadvisory · dschwartz-ftadvisory · commit a438bc3d4621 · 2025-05-21T09:58:41.000-04:00
diff --git a/.github/workflows/cve-scanning-python.yml b/.github/workflows/cve-scanning-python.yml
@@ -17,7 +17,7 @@ jobs:
     name: Build and test App
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-python@v4
         with:
           python-version: "3.11"
@@ -34,7 +34,7 @@ jobs:
           poetry install
         working-directory: .
       - name: Scan CVEs
-        run: poetry export --without-hashes -f requirements.txt | safety check --full-report --stdin --policy-file safety-policy.yml
+        # run: poetry export --without-hashes -f requirements.txt | safety check --full-report --stdin --policy-file safety-policy.yml
         # Without poetry, use this command instead
-        # run: safety check -r requirements.txt --full-report --policy-file safety-policy.yml
+        run: safety check -r requirements.txt --full-report --policy-file safety-policy.yml
         working-directory: .
diff --git a/.github/workflows/license-scanning-python.yml b/.github/workflows/license-scanning-python.yml
@@ -18,7 +18,7 @@ jobs:
     name: Scan for licenses
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-python@v4
         with:
           python-version: "3.11"
